Skip to content

Instantly share code, notes, and snippets.

@merapi

merapi/apk recompile remove ssl pinning

Created October 19, 2019 19:52
Show Gist options
  • Save merapi/344f8aae891681c323f25ea848882884 to your computer and use it in GitHub Desktop.
Save merapi/344f8aae891681c323f25ea848882884 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
apk recompile remove ssl pinning
# Decompile APK
apktool d path/to/app.apk -o output/directory
# Remove SSL pinning
grep -R "CertificatePinner" .
// remove lines like
invoke-virtual {v2, v3, v4}, Lokhttp3/CertificatePinner$Builder;->add(Ljava/lang/String;[Ljava/lang/String;)Lokhttp3/CertificatePinner$Builder;
move-result-object v2
# Recompile APK
apktool b decompiled/apk/directory -o app-patched.apk
# Zipalign APK to make it compatible with Android
zipalign -p 4 app-patched.apk app-aligned.apk
# Sign APK with your key so Android accepts it.
apksigner sign --ks my-release-key.keystore app-aligned.apk
# Alternatively, you can use jarsigner
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore keystore.jks app-aligned.apk selfsigned
#Need key?
keytool -genkey -v -keystore my-release-key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias my-alias
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment